Digital Rights Management: For Better Or For Worse?

This site may earn affiliate commissions from the links on this page. Terms of use.

Unfortunately—or fortunately, depending on yourperspective—the level of persistent protectionprovided by most DRM systems appears to liesomewhere between incredibly weak and really pathetic.DRM offerings from such high-tech luminariesas Microsoft (MS-DRM)and Adobe (eBooks) easily fell to attackers.In fact, there is a widely held belief that robust DRMcan not be achieved via any software product.Ironically, this belief may have become a self-fulfillingprophecy.

Based on the available evidence(i.e., broken DRM systems),the persistent protection methods employedto date have been extremely lame.It’s difficult to know exactly whatprotection mechanisms are being employed bymost unbroken DRM products, since companiesare extremely tight-lipped when itcomes to technical details. This secrecy isitself disturbingsince one of the fundamental principles ofsecurity engineering(Kerckhoff’s Principle) states thata system must be open topublic scrutiny before it can be trusted.This basic principleis grossly violated by virtually all DRMpurveyors today. As far as I am aware,MediaSnap, Inc.,is the only DRM company that provides a reasonabletechnical overview of the security features in their product.

This dearth of technical informationshould be viewed with considerable suspicion. The likelyexplanation is that DRM products rely on“securityby obscurity“, which, in the eyes of most securityexperts, is equated with “no security at all.”

Today, I would not entrustmy valuable digital content (if I had any)to any well-known DRM product.Content providers obviously feel the same way,otherwise there would be far more non-pirateddigital content available online.However, the current state of the DRM artis capable of providing usefulprotection in certain circumstances.One such example is proprietary corporatedocuments. In this scenario,a moderate level of persistent protectionsuffices since there are severelegal consequences for violators.But even here I see no reason to use aweak DRM system when it is possibleto build a more robust—though notunbreakable—software-based system.

The hardware solution

The wildcard in the DRM game is theTrustedComputing Group (formerly, the Trusted ComputingPlatform Alliance, or TCPA), which includes the likes ofIntel and Microsoft, and aims to build DRM protectioninto future generations of hardware. Though not unbreakable,a DRM approach based on tamper-resistant hardware islikely to offer a level of protection far beyond anythingpossible from software-only systems. Of course,this is appealing to copyright holders in aboutthe same measure that it is unpalatable to thosewith a passion for fair use (or free use).To learn more about the potential consequencesof this approach, see Ross Anderson’s excellentTCPA/PalladiumFAQ.

In any event, the Trusted Computing Group solutionis not an option today. And even if comes to fruition,it’s not clear that consumers will accept it—recall thePentiumIII serial number. But the progress of hardware-based DRMbears watching.

The Titanic principle

In 1912, a first-class one-way (part-way, as it turnedout) passage on the Titanic cost the modernequivalent of more than $50,000.While it lasts, a round-trip flight acrossthe Atlantic on the Concorde costs less that $6,000and cheaper first-class rates are available on lessprestigious aircraft. Whereas a flight across theAtlantic takes a few hours, the Titanic would havetaken about a week. If the Titanic were around today,it would obviously need to set its first-classcharge to a small fraction of its 1912 rate in orderto compete.

Today, record companies expect consumers to pay $14.95for a CD that can be had for free online.The online version is of high quality andoften more convenient to obtain—particularlyfor less popular items. Is it reasonable forrecord companies to demand Titanic ratesfor music in a technological era that includesthe internet, peer-to-peer (P2P) networks and broadband?The record labels (and their lawyers) seem to think so.

If the Titanic were around today and charged $50,000 for aticket, I doubt that many people would mourn itsinevitable financial demise.Of course, if the Titanic were to drastically cutits rates and offer something that the airlines could not(a relaxing week at sea, say), it might survive,or even thrive.

This site may earn affiliate commissions from the links on this page. Terms of use.

ExtremeTech Newsletter

Subscribe Today to get the latest ExtremeTech news delivered right to your inbox.

Email

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our
Terms of Use and
Privacy Policy. You may unsubscribe from the newsletter at any time.